
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e39332e33322e302f32342d3234203d3e203536353430.roa
File: 3138352e39332e33322e302f32342d3234203d3e203536353430.roa (raw, json)
Hash identifier: HvXkmdtdC32dSTWIY0cAkzB+UdrUmsdYv+S70CdH63c=
Subject key identifier: D3:CE:D6:C7:99:00:39:51:73:29:E4:E2:09:9B:3A:B1:33:48:24:80
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 7F105BD7A549FF09802DB326324CB779D8D10765
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e39332e33322e302f32342d3234203d3e203536353430.roa
Signing time: Tue 28 Jan 2025 00:53:52 +0000
ROA not before: Tue 28 Jan 2025 00:48:52 +0000
ROA not after: Tue 27 Jan 2026 00:53:52 +0000
asID: 56540
IP address blocks: 185.93.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Feb 2025 05:53:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:10:5b:d7:a5:49:ff:09:80:2d:b3:26:32:4c:b7:79:d8:d1:07:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Jan 28 00:48:52 2025 GMT
Not After : Jan 27 00:53:52 2026 GMT
Subject: CN=D3CED6C7990039517329E4E2099B3AB133482480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:68:dc:6c:cd:66:de:23:71:5a:f5:b3:1d:cc:
bb:44:3f:c6:bb:43:aa:3d:72:c2:a9:6d:60:e3:c6:
82:cf:97:fb:b9:0d:ae:c4:42:d3:d0:28:46:03:c1:
8c:23:6a:1a:ec:c9:8f:3b:20:0b:e8:81:16:c5:21:
ab:61:82:f6:b3:f8:30:f5:31:12:46:3f:79:55:86:
da:d7:4d:4d:a7:79:6a:69:82:24:60:73:ed:0c:b6:
c4:0e:49:f3:28:6e:61:bf:48:18:2e:c8:d7:01:9b:
38:19:bb:e3:38:05:58:be:51:80:1f:09:06:19:10:
ee:68:94:ee:20:88:74:07:a1:e0:f6:88:ab:31:75:
93:7a:22:c0:4d:bd:f2:14:12:95:ab:88:10:aa:b2:
fc:a6:e2:2b:ce:2c:fe:ae:23:16:b8:78:6d:fa:77:
8f:65:b4:27:63:be:37:36:28:9c:19:2a:1f:56:4f:
65:78:30:8c:c8:bd:c4:f8:19:a7:23:cd:a1:d9:69:
36:49:3c:aa:ee:96:14:0f:15:b8:1b:7e:b9:42:66:
91:2a:28:be:91:d9:fa:30:e9:e3:b8:7b:08:9b:e3:
74:1b:8c:76:5d:b0:47:12:8d:fe:fd:0b:91:96:bb:
41:e9:46:cf:20:bd:f8:90:43:24:2a:3f:e4:39:af:
ec:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:CE:D6:C7:99:00:39:51:73:29:E4:E2:09:9B:3A:B1:33:48:24:80
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e39332e33322e302f32342d3234203d3e203536353430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.32.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:a5:d3:57:bc:9e:6c:10:b2:f2:13:fb:73:84:66:96:31:90:
72:18:5b:c7:cc:36:5b:96:02:63:7a:0e:18:16:c3:22:eb:0a:
a2:d6:a8:e4:f5:31:06:28:89:9c:39:ee:74:c3:57:86:09:bf:
d4:2c:99:d7:1a:d0:c7:35:16:0f:e5:0b:de:a4:1d:f1:43:3c:
cc:3f:0a:d0:8f:a3:82:14:9e:89:c5:df:25:da:e3:84:fd:c2:
7f:ad:56:bc:8c:56:8e:61:ac:b8:eb:80:30:6e:3d:27:64:f4:
5b:8e:b6:8e:90:39:71:dd:9a:57:aa:a4:06:73:28:59:d3:fb:
ca:73:e3:43:ab:f3:7b:7b:b2:07:89:11:58:2e:6f:b9:89:6e:
14:7e:97:22:60:ed:87:7d:b1:97:42:c9:2c:55:db:e4:69:90:
6a:c9:17:07:af:60:bf:f8:4f:32:d1:13:7b:c3:a2:04:6a:fd:
43:36:22:4a:5b:9e:ae:0e:9d:29:ea:84:93:ce:28:ed:8c:91:
3d:93:ff:c7:23:54:8a:2d:58:20:d3:94:68:6f:15:4a:c5:79:
81:6a:a5:5b:cb:24:3b:d9:15:5d:d5:85:39:69:a6:db:95:38:
6e:99:e0:5c:67:ca:e0:7a:e8:f1:2f:13:aa:d3:da:94:aa:5f:
1e:cd:fc:cb
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUfxBb16VJ/wmALbMmMky3edjRB2UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTAxMjgwMDQ4NTJaFw0yNjAxMjcwMDUzNTJaMDMxMTAvBgNV
BAMTKEQzQ0VENkM3OTkwMDM5NTE3MzI5RTRFMjA5OUIzQUIxMzM0ODI0ODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMaNxszWbeI3Fa9bMdzLtEP8a7
Q6o9csKpbWDjxoLPl/u5Da7EQtPQKEYDwYwjahrsyY87IAvogRbFIathgvaz+DD1
MRJGP3lVhtrXTU2neWppgiRgc+0MtsQOSfMobmG/SBguyNcBmzgZu+M4BVi+UYAf
CQYZEO5olO4giHQHoeD2iKsxdZN6IsBNvfIUEpWriBCqsvym4ivOLP6uIxa4eG36
d49ltCdjvjc2KJwZKh9WT2V4MIzIvcT4GacjzaHZaTZJPKrulhQPFbgbfrlCZpEq
KL6R2fow6eO4ewib43QbjHZdsEcSjf79C5GWu0HpRs8gvfiQQyQqP+Q5r+yfAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU087Wx5kAOVFzKeTiCZs6sTNIJIAwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzOTMzMmUzMzMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzNjM1MzQzMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALld
IDANBgkqhkiG9w0BAQsFAAOCAQEAO6XTV7yebBCy8hP7c4RmljGQchhbx8w2W5YC
Y3oOGBbDIusKotao5PUxBiiJnDnudMNXhgm/1CyZ1xrQxzUWD+UL3qQd8UM8zD8K
0I+jghSeicXfJdrjhP3Cf61WvIxWjmGsuOuAMG49J2T0W462jpA5cd2aV6qkBnMo
WdP7ynPjQ6vze3uyB4kRWC5vuYluFH6XImDth32xl0LJLFXb5GmQaskXB69gv/hP
MtETe8OiBGr9QzYiSluerg6dKeqEk84o7YyRPZP/xyNUii1YINOUaG8VSsV5gWql
W8skO9kVXdWFOWmm25U4bpngXGfK4Hro8S8TqtPalKpfHs38yw==
-----END CERTIFICATE-----
Generated at Fri Feb 14 15:15:37 2025 by rpki-client